Vulnerability Details : CVE-2018-19475
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
Exploit prediction scoring system (EPSS) score for CVE-2018-19475
Probability of exploitation activity in the next 30 days: 0.50%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 74 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2018-19475
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
nvd@nist.gov |
|
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
nvd@nist.gov |
References for CVE-2018-19475
-
https://access.redhat.com/errata/RHSA-2019:0229
RHSA-2019:0229 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/3831-1/
USN-3831-1: Ghostscript vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4346
Debian -- Security Information -- DSA-4346-1 ghostscriptThird Party Advisory
-
https://access.redhat.com/errata/RHBA-2019:0327
RHBA-2019:0327 - Bug Fix Advisory - Red Hat Customer PortalThird Party Advisory
-
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3005fcb9bb160af199e761e03bc70a9f249a987e
git.ghostscript.com Git - ghostpdl.git/commitPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/106154
Ghostscript Multiple Security Bypass VulnerabilitiesThird Party Advisory;VDB Entry
-
https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf
Ghostscript Vulnerabilities in Postscript & PDF Processings | Semmle BlogMitigation;Exploit;Third Party Advisory
-
https://bugs.ghostscript.com/show_bug.cgi?id=700153
700153 – Safer mode bypass allows shell command execution after restoreIssue Tracking;Patch;Vendor Advisory
-
https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26
History of Ghostscript versions 9.nRelease Notes;Vendor Advisory
-
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=aeea342904978c9fe17d85f4906a0f6fcce2d315
git.ghostscript.com Git - ghostpdl.git/commitPatch;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html
[SECURITY] [DLA 1598-1] ghostscript security updateMailing List;Third Party Advisory
Products affected by CVE-2018-19475
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*